\chapter{Libreswan Debugging}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Using Network Tools}
 
\subsection{IPSec tunnel: tcpdump between centos64-1 and centos64-2}
For a host-host connection between 
\begin{compactenum} 
\item Monitor IP on port 50 or 51 on centos64-1
   \VerbatimInput[fontsize=\small]{txt/tcpdump-waiting.txt}
\item Send 2 pings from centos64-1 to centos64-2 for tcpdump to capthure the packets.
   \VerbatimInput[fontsize=\small]{txt/centos64-2-tcpdump-ping2.txt}
\item A successful capture.
   \VerbatimInput[fontsize=\small]{txt/tcpdump-captured-2-packets.txt}
\end{compactenum}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\subsection{No IPsec: tcpdump between centos64-1 and centos64-2}
For a host-host connection between 
\begin{compactenum} 
\item Send 2 pings from centos64-1 to centos64-2 for tcpdump to capthure the packets.
   \VerbatimInput[fontsize=\small]{txt/centos64-1-icmp-port1.txt      left-var-log-ipsec.log}
\item A successful capture showing \index{IP Packet!ESP}{ESP} packet.
   \VerbatimInput[fontsize=\small]{txt/centos64-icmp-captured.txt}
\end{compactenum}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{Log files}
 
\subsection{OS}
\begin{description}
\item[item1]
\item[item2]
\end{description}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{Libreswan commands}
 
\subsection{OS}

\begin{description}
\item[item1]
\item[item2]
\end{description}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{Getting Source}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-host-network-vpn.pdf}
\end{center}
\end{figure}

\subsubsection{from https://code.google/p/libreswan}

\begin{description}
\item[item1]
\item[item2]
\end{description}

\subsubsection{Read only from https://github/tjyang/libreswan}

\begin{description}
\item[item1]
\item[item2]
\end{description}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\section{compile source}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-network-network-vpn.pdf}
\end{center}
\end{figure}

\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


\section{create package}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-xymon-failover-drbd.pdf}
\end{center}
\end{figure}

\subsubsection{Create CentOS/RHEL/Fedora package}

\begin{description}
\item[item1]
\item[item2]
\end{description}
\subsubsection{Create Debian}
\begin{description}
\item[item1]
\item[item2]
\end{description}

\subsubsection{Create Ubuntu}
\begin{description}
\item[item1]
\item[item2]
\end{description}

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{libswan-testcase1}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/libreswan-testcase1.pdf}
\end{center}
\end{figure}

\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


\section{gce-host-network-vpn}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-host-network-vpn.pdf}
\end{center}
\end{figure}

\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


\section{gce-network-network-vpn-drbd}

\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-network-network-vpn-drbd.pdf}
\end{center}
\end{figure}

\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


\section{gce-intranet}
\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-intranet}
\end{center}
\end{figure}
\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{gce-ssh-vpn}
\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/gce-ssh-vpn}		    
\end{center}
\end{figure}
\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

\section{pluto-daemons}
\begin{figure}[H]
\caption{GCE Host to Intranet via VPN}
\label{fig:GCE-Host-to-Intranet-via-VPN}
\begin{center}
\includegraphics[scale=0.65]{dia/pluto-daemons.pdf}
\end{center}
\end{figure}
\begin{description}
\item[item1]
\item[item2]
\end{description}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

